Don't let the word "virtual" in virtual servers fool you. You're the only one who knows it's virtual. From the perspective of the virtual server itself, the devices connected to it, applications running on it, end-users connecting to it, or security threats trying to compromise it, the server is very, very real. A new survey from Kaspersky Labs found that many IT professionals understand that securing virtual environments is important, but don't fully understand the threats or how to properly defend against them.
Tony Bradley |
29 Jul |
Read more
I wrote yesterday about a report from Microsoft researchers, which goes against established password security best practices. The new guidance from the Microsoft researchers makes sense to me, because it fits how I handle password management already. However, at least one security expert feels that there is a fatal flaw that makes the new password advice impractical: You.
Tony Bradley |
19 Jul |
Read more
Stop me if you've heard this one before: You should use unique, complex passwords for every login you have to manage, and you should employ a password management utility to keep track of it all. That is the prevailing advice, but a couple Microsoft researchers have come to the conclusion that it might be the wrong approach.
Tony Bradley |
18 Jul |
Read more
In early June the U.S. Department of Justice revealed that the Gameover Zeus (GOZ) botnet had been disabled thanks to the success of a joint effort dubbed "Operation Tovar." The celebration appears to have been premature, though, as security researchers have already discovered a resurgence of Gameover malware infections.
Tony Bradley |
15 Jul |
Read more
It's déjà vu all over again. After a mind-blowing 59 separate vulnerabilities were patched in Internet Explorer last month, the Microsoft Web browser is hogging the spotlight again in July.
Tony Bradley |
09 Jul |
Read more
As much of the workforce in the United States coasts through the rest of the day looking forward to an extended weekend to grill hot dogs and drink beer--I mean, celebrate the nation's independence--Microsoft released its advance notification for next week's Patch Tuesday. The six security bulletins include two ranked Critical, three Important, and one listed merely as Moderate.
Tony Bradley |
04 Jul |
Read more
All malware is bad, but some malware is more insidious than others. That seems to be the case with CosmicDuke. According to a new white paper from F-Secure, CosmicDuke meshes elements of two notorious malware threats--MiniDuke and Cosmu--to form a potent new attack.
Tony Bradley |
03 Jul |
Read more
The Internet-of-Things is a thing. If you haven't heard about it yet, get ready because we're in the early stages of an explosion of technology that will connect, monitor, and in some cases share almost every aspect of our lives. Fortinet conducted a survey of consumers to find out what people think about the security and privacy concerns of the Internet-of-Things.
Tony Bradley |
24 Jun |
Read more
Have you ever had a smartphone or tablet stolen? The devices' size and portability makes them prime targets for criminals, and there is a rising trend of people being mugged for their mobile devices. A new study found that consumers are increasingly concerned with the risk of having a mobile device stolen.
Tony Bradley |
20 Jun |
Read more
The 2014 World Cup tournament has kicked off in Brazil. Soccer (or football anywhere outside of the United States) is the most popular sport in the world, and billions of people will be following the matches closely. While you're busy figuring out how to stream games to your work PC while appearing to be busy with an Excel spreadsheet, you should be aware that World Cup will also be a feeding frenzy of malware and phishing attacks.
Tony Bradley |
13 Jun |
Read more
One of the best ways to demonstrate expertise and establish a positive reputation for your business or your employer is by sharing information through posts on a website. And one of the best ways to engage customers is to allow comments on those posts and to respond to them. If you're not careful, though, spammers will derail your comments and possibly drive potential customers away.
Tony Bradley |
12 Jun |
Read more
Six down, six to go. Today is the Microsoft Patch Tuesday for June, and it comes with seven new security bulletins. The good news is that five of the seven are only rated as Important, but one of the two Critical security bulletins--the cumulative update for Internet Explorer--is huge.
Tony Bradley |
11 Jun |
Read more
When a eBay suffered a massive data breach a few weeks ago, most of the attention revolved around the compromise of passwords and the vulnerabilities in the site’s security. While those are legitimate concerns, they obscure the most glaringly weak link in the security chain: people.
Tony Bradley |
10 Jun |
Read more
Ransomware attacks like CryptoLocker have been plaguing users for a while now. The recent shutdown of the Gameover Zeus botnet has led to a dramatic decline in these types of attacks, but you can expect that cybercriminals will regroup and launch new ones soon enough. But KnowBe4, a company that offers security awareness training, is so confident it can teach users to protect themselves, it's offering to pay the ransom if a customer falls victim to a ransomware scheme.
Tony Bradley |
07 Jun |
Read more
The U.S. Department of Justice announced today that the Gameover Zeus (GOZ) botnet has been taken down in an effort dubbed "Operation Tovar." The action was the result of a multinational effort between government agencies, law enforcement, and private companies to shut down the massive botnet responsible for more than $100 million in losses for victims. The cooperation necessary to take down the botnet is impressive, but there will be more, and it's important for individuals to understand how to avoid falling victim to these threats.
Tony Bradley |
03 Jun |
Read more